From owner-svn-src-stable-11@freebsd.org Sun Feb 9 22:15:38 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CC75F244595; Sun, 9 Feb 2020 22:15:38 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48G3JV5MVJz4cGb; Sun, 9 Feb 2020 22:15:38 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9A293D369; Sun, 9 Feb 2020 22:15:38 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 019MFcJn074732; Sun, 9 Feb 2020 22:15:38 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 019MFZIX074717; Sun, 9 Feb 2020 22:15:35 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002092215.019MFZIX074717@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Sun, 9 Feb 2020 22:15:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357706 - in stable: 11/contrib/netbsd-tests/lib/libc/c063 11/lib/libc/sys 11/lib/libc/tests/c063 11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs 11/sys/fs/devfs 11/sys/fs/fuse 11/sys... X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/contrib/netbsd-tests/lib/libc/c063 11/lib/libc/sys 11/lib/libc/tests/c063 11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs 11/sys/fs/devfs 11/sys/fs/fuse 11/sys/fs/nfsclient 11/sys/fs/s... X-SVN-Commit-Revision: 357706 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Feb 2020 22:15:38 -0000 Author: kevans Date: Sun Feb 9 22:15:35 2020 New Revision: 357706 URL: https://svnweb.freebsd.org/changeset/base/357706 Log: MFC O_SEARCH: r357412, r357461, r357580, r357584, r357636, r357671, r357688 r357412: Provide O_SEARCH O_SEARCH is defined by POSIX [0] to open a directory for searching, skipping permissions checks on the directory itself after the initial open(). This is close to the semantics we've historically applied for O_EXEC on a directory, which is UB according to POSIX. Conveniently, O_SEARCH on a file is also explicitly undefined behavior according to POSIX, so O_EXEC would be a fine choice. The spec goes on to state that O_SEARCH and O_EXEC need not be distinct values, but they're not defined to be the same value. This was pointed out as an incompatibility with other systems that had made its way into libarchive, which had assumed that O_EXEC was an alias for O_SEARCH. This defines compatibility O_SEARCH/FSEARCH (equivalent to O_EXEC and FEXEC respectively) and expands our UB for O_EXEC on a directory. O_EXEC on a directory is checked in vn_open_vnode already, so for completeness we add a NOEXECCHECK when O_SEARCH has been specified on the top-level fd and do not re-check that when descending in namei. [0] https://pubs.opengroup.org/onlinepubs/9699919799/ r357461: namei: preserve errors from fget_cap_locked Most notably, we want to make sure we don't clobber any capabilities-related errors. This is a regression from r357412 (O_SEARCH) that was picked up by the capsicum tests. r357580: O_SEARCH test: drop O_SEARCH|O_RDWR local diff In FreeBSD's O_SEARCH implementation, O_SEARCH in conjunction with O_RDWR or O_WRONLY is explicitly rejected. In this case, O_RDWR was not necessary anyways as the file will get created with or without it. This was submitted upstream as misc/54940 and committed in rev 1.8 of the file. r357584: Record-only MFV of r357583: netbsd-tests: import upstreamed changes The changes in question originated in FreeBSD/head; no further action is required. r357636: MFV r357635: imnport v1.9 of the O_SEARCH tests The RCSID data was wrong, so this is effectively a record-only merge with correction of said data. No further changes should be needed in this area, as we've now upstreamed our local changes to this specific test. r357671: O_SEARCH test: mark revokex an expected fail on NFS The revokex test does not work when the scratch directory is created on NFS. Given the nature of NFS, it likely can never work without looking like a security hole since O_SEARCH would rely on the server knowing that the directory did have +x at the time of open and that it's OK for it to have been revoked based on POSIX specification for O_SEARCH. This does mean that O_SEARCH is only partially functional on NFS in general, but I suspect the execute bit getting revoked in the process is likely not common. r357688: MFV r357687: Import NFS fix for O_SEARCH tests The version that ended upstream was ultimately slightly different than the version committed here; notably, statvfs() is used but it's redefined appropriately to statfs() on FreeBSD since we don't provide the fstypename for the former interface. Modified: stable/11/contrib/netbsd-tests/lib/libc/c063/t_o_search.c stable/11/lib/libc/sys/open.2 stable/11/lib/libc/tests/c063/Makefile stable/11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c stable/11/sys/fs/devfs/devfs_vnops.c stable/11/sys/fs/fuse/fuse_vnops.c stable/11/sys/fs/nfsclient/nfs_clvnops.c stable/11/sys/fs/smbfs/smbfs_vnops.c stable/11/sys/fs/tmpfs/tmpfs_vnops.c stable/11/sys/kern/vfs_cache.c stable/11/sys/kern/vfs_lookup.c stable/11/sys/kern/vfs_subr.c stable/11/sys/sys/fcntl.h stable/11/sys/sys/namei.h stable/11/sys/sys/vnode.h Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/contrib/netbsd-tests/lib/libc/c063/t_o_search.c stable/12/lib/libc/sys/open.2 stable/12/lib/libc/tests/c063/Makefile stable/12/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c stable/12/sys/fs/devfs/devfs_vnops.c stable/12/sys/fs/fuse/fuse_vnops.c stable/12/sys/fs/nfsclient/nfs_clvnops.c stable/12/sys/fs/smbfs/smbfs_vnops.c stable/12/sys/fs/tmpfs/tmpfs_vnops.c stable/12/sys/kern/vfs_cache.c stable/12/sys/kern/vfs_lookup.c stable/12/sys/kern/vfs_subr.c stable/12/sys/sys/fcntl.h stable/12/sys/sys/namei.h stable/12/sys/sys/vnode.h Directory Properties: stable/12/ (props changed) Modified: stable/11/contrib/netbsd-tests/lib/libc/c063/t_o_search.c ============================================================================== --- stable/11/contrib/netbsd-tests/lib/libc/c063/t_o_search.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/contrib/netbsd-tests/lib/libc/c063/t_o_search.c Sun Feb 9 22:15:35 2020 (r357706) @@ -1,4 +1,4 @@ -/* $NetBSD: t_o_search.c,v 1.5 2017/01/10 22:25:01 christos Exp $ */ +/* $NetBSD: t_o_search.c,v 1.10 2020/02/08 19:58:36 kamil Exp $ */ /*- * Copyright (c) 2012 The NetBSD Foundation, Inc. @@ -29,13 +29,16 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: t_o_search.c,v 1.5 2017/01/10 22:25:01 christos Exp $"); +__RCSID("$NetBSD: t_o_search.c,v 1.10 2020/02/08 19:58:36 kamil Exp $"); #include -#include +#include +#include +#include #include +#include #include #include #include @@ -50,10 +53,15 @@ __RCSID("$NetBSD: t_o_search.c,v 1.5 2017/01/10 22:25: * until a decision is reached about the semantics of O_SEARCH and a * non-broken implementation is available. */ -#if (O_MASK & O_SEARCH) != 0 +#if defined(__FreeBSD__) || (O_MASK & O_SEARCH) != 0 #define USE_O_SEARCH #endif +#ifdef __FreeBSD__ +#define statvfs statfs +#define fstatvfs fstatfs +#endif + #define DIR "dir" #define FILE "dir/o_search" #define BASEFILE "o_search" @@ -257,12 +265,82 @@ ATF_TC_BODY(o_search_notdir, tc) int fd; ATF_REQUIRE(mkdir(DIR, 0755) == 0); - ATF_REQUIRE((dfd = open(FILE, O_CREAT|O_RDWR|O_SEARCH, 0644)) != -1); + ATF_REQUIRE((dfd = open(FILE, O_CREAT|O_SEARCH, 0644)) != -1); ATF_REQUIRE((fd = openat(dfd, BASEFILE, O_RDWR, 0)) == -1); ATF_REQUIRE(errno == ENOTDIR); ATF_REQUIRE(close(dfd) == 0); } +#ifdef USE_O_SEARCH +ATF_TC(o_search_nord); +ATF_TC_HEAD(o_search_nord, tc) +{ + atf_tc_set_md_var(tc, "descr", "See that openat succeeds with no read permission"); + atf_tc_set_md_var(tc, "require.user", "unprivileged"); +} +ATF_TC_BODY(o_search_nord, tc) +{ + int dfd, fd; + + ATF_REQUIRE(mkdir(DIR, 0755) == 0); + ATF_REQUIRE((fd = open(FILE, O_CREAT|O_RDWR, 0644)) != -1); + ATF_REQUIRE(close(fd) == 0); + + ATF_REQUIRE(chmod(DIR, 0100) == 0); + ATF_REQUIRE((dfd = open(DIR, O_SEARCH, 0)) != -1); + + ATF_REQUIRE(faccessat(dfd, BASEFILE, W_OK, 0) != -1); + + ATF_REQUIRE(close(dfd) == 0); +} + +ATF_TC(o_search_getdents); +ATF_TC_HEAD(o_search_getdents, tc) +{ + atf_tc_set_md_var(tc, "descr", "See that O_SEARCH forbids getdents"); +} +ATF_TC_BODY(o_search_getdents, tc) +{ + char buf[1024]; + int dfd; + + ATF_REQUIRE(mkdir(DIR, 0755) == 0); + ATF_REQUIRE((dfd = open(DIR, O_SEARCH, 0)) != -1); + ATF_REQUIRE(getdents(dfd, buf, sizeof(buf)) < 0); + ATF_REQUIRE(close(dfd) == 0); +} + +ATF_TC(o_search_revokex); +ATF_TC_HEAD(o_search_revokex, tc) +{ + atf_tc_set_md_var(tc, "descr", "See that *at behaves after chmod -x"); + atf_tc_set_md_var(tc, "require.user", "unprivileged"); +} +ATF_TC_BODY(o_search_revokex, tc) +{ + struct statvfs vst; + struct stat sb; + int dfd, fd; + + ATF_REQUIRE(mkdir(DIR, 0755) == 0); + ATF_REQUIRE((fd = open(FILE, O_CREAT|O_RDWR, 0644)) != -1); + ATF_REQUIRE(close(fd) == 0); + + ATF_REQUIRE((dfd = open(DIR, O_SEARCH, 0)) != -1); + + /* Drop permissions. The kernel must still not check the exec bit. */ + ATF_REQUIRE(chmod(DIR, 0000) == 0); + + fstatvfs(dfd, &vst); + if (strcmp(vst.f_fstypename, "nfs") == 0) + atf_tc_expect_fail("NFS protocol cannot observe O_SEARCH semantics"); + + ATF_REQUIRE(fstatat(dfd, BASEFILE, &sb, 0) == 0); + + ATF_REQUIRE(close(dfd) == 0); +} +#endif /* USE_O_SEARCH */ + ATF_TP_ADD_TCS(tp) { @@ -277,6 +355,11 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, o_search_unpriv_flag2); #endif ATF_TP_ADD_TC(tp, o_search_notdir); +#ifdef USE_O_SEARCH + ATF_TP_ADD_TC(tp, o_search_nord); + ATF_TP_ADD_TC(tp, o_search_getdents); + ATF_TP_ADD_TC(tp, o_search_revokex); +#endif return atf_no_error(); } Modified: stable/11/lib/libc/sys/open.2 ============================================================================== --- stable/11/lib/libc/sys/open.2 Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/lib/libc/sys/open.2 Sun Feb 9 22:15:35 2020 (r357706) @@ -28,7 +28,7 @@ .\" @(#)open.2 8.2 (Berkeley) 11/16/93 .\" $FreeBSD$ .\" -.Dd September 17, 2019 +.Dd February 9, 2020 .Dt OPEN 2 .Os .Sh NAME @@ -126,6 +126,7 @@ O_RDONLY open for reading only O_WRONLY open for writing only O_RDWR open for reading and writing O_EXEC open for execute only +O_SEARCH open for search only, an alias for O_EXEC O_NONBLOCK do not block on open O_APPEND append on each write O_CREAT create file if it does not exist @@ -266,6 +267,19 @@ means is implementation specific. The run-time linker (rtld) uses this flag to ensure shared objects have been verified before operating on them. .Pp +When +.Fa fd +is opened with +.Dv O_SEARCH , +execute permissions are checked at open time. +The +.Fa fd +may not be used for any read operations like +.Xr getdirentries 2 . +The primary use for this descriptor will be as the lookup descriptor for the +.Fn *at +family of functions. +.Pp If successful, .Fn open returns a non-negative integer, termed a file descriptor. @@ -458,9 +472,12 @@ An attempt was made to open a descriptor with an illeg of .Dv O_RDONLY , .Dv O_WRONLY , -.Dv O_RDWR +or +.Dv O_RDWR , and -.Dv O_EXEC . +.Dv O_EXEC +or +.Dv O_SEARCH . .It Bq Er EBADF The .Fa path Modified: stable/11/lib/libc/tests/c063/Makefile ============================================================================== --- stable/11/lib/libc/tests/c063/Makefile Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/lib/libc/tests/c063/Makefile Sun Feb 9 22:15:35 2020 (r357706) @@ -1,7 +1,5 @@ # $FreeBSD$ -#TODO: t_o_search - NETBSD_ATF_TESTS_C= faccessat_test NETBSD_ATF_TESTS_C+= fchmodat_test NETBSD_ATF_TESTS_C+= fchownat_test @@ -11,6 +9,7 @@ NETBSD_ATF_TESTS_C+= linkat_test NETBSD_ATF_TESTS_C+= mkdirat_test NETBSD_ATF_TESTS_C+= mkfifoat_test NETBSD_ATF_TESTS_C+= mknodat_test +NETBSD_ATF_TESTS_C+= o_search_test NETBSD_ATF_TESTS_C+= openat_test NETBSD_ATF_TESTS_C+= readlinkat_test NETBSD_ATF_TESTS_C+= renameat_test Modified: stable/11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c ============================================================================== --- stable/11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -1598,10 +1598,14 @@ zfs_lookup(vnode_t *dvp, char *nm, vnode_t **vpp, stru * Check accessibility of directory. */ if (!cached) { - error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr); - if (error != 0) { - ZFS_EXIT(zfsvfs); - return (error); + if ((cnp->cn_flags & NOEXECCHECK) != 0) { + cnp->cn_flags &= ~NOEXECCHECK; + } else { + error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr); + if (error != 0) { + ZFS_EXIT(zfsvfs); + return (error); + } } } Modified: stable/11/sys/fs/devfs/devfs_vnops.c ============================================================================== --- stable/11/sys/fs/devfs/devfs_vnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/fs/devfs/devfs_vnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -902,8 +902,8 @@ devfs_lookupx(struct vop_lookup_args *ap, int *dm_unlo if ((flags & ISDOTDOT) && (dvp->v_vflag & VV_ROOT)) return (EIO); - error = VOP_ACCESS(dvp, VEXEC, cnp->cn_cred, td); - if (error) + error = vn_dir_check_exec(dvp, cnp); + if (error != 0) return (error); if (cnp->cn_namelen == 1 && *pname == '.') { Modified: stable/11/sys/fs/fuse/fuse_vnops.c ============================================================================== --- stable/11/sys/fs/fuse/fuse_vnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/fs/fuse/fuse_vnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -699,7 +699,10 @@ fuse_vnop_lookup(struct vop_lookup_args *ap) bzero(&facp, sizeof(facp)); if (vnode_isvroot(dvp)) { /* early permission check hack */ - if ((err = fuse_internal_access(dvp, VEXEC, &facp, td, cred))) { + if ((cnp->cn_flags & NOEXECCHECK) != 0) { + cnp->cn_flags &= ~NOEXECCHECK; + } else if ((err = fuse_internal_access(dvp, VEXEC, &facp, td, + cred))) { return err; } } Modified: stable/11/sys/fs/nfsclient/nfs_clvnops.c ============================================================================== --- stable/11/sys/fs/nfsclient/nfs_clvnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/fs/nfsclient/nfs_clvnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -1049,7 +1049,8 @@ nfs_lookup(struct vop_lookup_args *ap) } mtx_unlock(&np->n_mtx); - if ((error = VOP_ACCESS(dvp, VEXEC, cnp->cn_cred, td)) != 0) + error = vn_dir_check_exec(dvp, cnp); + if (error != 0) return (error); error = cache_lookup(dvp, vpp, cnp, &nctime, &ncticks); if (error > 0 && error != ENOENT) Modified: stable/11/sys/fs/smbfs/smbfs_vnops.c ============================================================================== --- stable/11/sys/fs/smbfs/smbfs_vnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/fs/smbfs/smbfs_vnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -1196,7 +1196,8 @@ smbfs_lookup(ap) islastcn = flags & ISLASTCN; if (islastcn && (mp->mnt_flag & MNT_RDONLY) && (nameiop != LOOKUP)) return EROFS; - if ((error = VOP_ACCESS(dvp, VEXEC, cnp->cn_cred, td)) != 0) + error = vn_dir_check_exec(dvp, cnp); + if (error != 0) return error; smp = VFSTOSMBFS(mp); dnp = VTOSMB(dvp); Modified: stable/11/sys/fs/tmpfs/tmpfs_vnops.c ============================================================================== --- stable/11/sys/fs/tmpfs/tmpfs_vnops.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/fs/tmpfs/tmpfs_vnops.c Sun Feb 9 22:15:35 2020 (r357706) @@ -84,7 +84,7 @@ tmpfs_lookup1(struct vnode *dvp, struct vnode **vpp, s *vpp = NULLVP; /* Check accessibility of requested node as a first step. */ - error = VOP_ACCESS(dvp, VEXEC, cnp->cn_cred, cnp->cn_thread); + error = vn_dir_check_exec(dvp, cnp); if (error != 0) goto out; Modified: stable/11/sys/kern/vfs_cache.c ============================================================================== --- stable/11/sys/kern/vfs_cache.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/kern/vfs_cache.c Sun Feb 9 22:15:35 2020 (r357706) @@ -2096,9 +2096,7 @@ vfs_cache_lookup(struct vop_lookup_args *ap) int error; struct vnode **vpp = ap->a_vpp; struct componentname *cnp = ap->a_cnp; - struct ucred *cred = cnp->cn_cred; int flags = cnp->cn_flags; - struct thread *td = cnp->cn_thread; *vpp = NULL; dvp = ap->a_dvp; @@ -2110,8 +2108,8 @@ vfs_cache_lookup(struct vop_lookup_args *ap) (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME)) return (EROFS); - error = VOP_ACCESS(dvp, VEXEC, cred, td); - if (error) + error = vn_dir_check_exec(dvp, cnp); + if (error != 0) return (error); error = cache_lookup(dvp, vpp, cnp, NULL, NULL); Modified: stable/11/sys/kern/vfs_lookup.c ============================================================================== --- stable/11/sys/kern/vfs_lookup.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/kern/vfs_lookup.c Sun Feb 9 22:15:35 2020 (r357706) @@ -288,6 +288,7 @@ namei(struct nameidata *ndp) struct vnode *dp; /* the directory we are searching */ struct iovec aiov; /* uio for reading symbolic links */ struct componentname *cnp; + struct file *dfp; struct thread *td; struct proc *p; cap_rights_t rights; @@ -408,10 +409,29 @@ namei(struct nameidata *ndp) AUDIT_ARG_ATFD1(ndp->ni_dirfd); if (cnp->cn_flags & AUDITVNODE2) AUDIT_ARG_ATFD2(ndp->ni_dirfd); - error = fgetvp_rights(td, ndp->ni_dirfd, - &rights, &ndp->ni_filecaps, &dp); - if (error == EINVAL) + /* + * Effectively inlined fgetvp_rights, because we need to + * inspect the file as well as grabbing the vnode. + */ + error = fget_cap_locked(fdp, ndp->ni_dirfd, &rights, + &dfp, &ndp->ni_filecaps); + if (error != 0) { + /* + * Preserve the error; it should either be EBADF + * or capability-related, both of which can be + * safely returned to the caller. + */ + } else if (dfp->f_ops == &badfileops) { + error = EBADF; + } else if (dfp->f_vnode == NULL) { error = ENOTDIR; + } else { + dp = dfp->f_vnode; + vrefact(dp); + + if ((dfp->f_flag & FSEARCH) != 0) + cnp->cn_flags |= NOEXECCHECK; + } #ifdef CAPABILITIES /* * If file descriptor doesn't have all rights, Modified: stable/11/sys/kern/vfs_subr.c ============================================================================== --- stable/11/sys/kern/vfs_subr.c Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/kern/vfs_subr.c Sun Feb 9 22:15:35 2020 (r357706) @@ -5485,3 +5485,15 @@ __mnt_vnode_markerfree_active(struct vnode **mvp, stru mtx_unlock(&vnode_free_list_mtx); mnt_vnode_markerfree_active(mvp, mp); } + +int +vn_dir_check_exec(struct vnode *vp, struct componentname *cnp) +{ + + if ((cnp->cn_flags & NOEXECCHECK) != 0) { + cnp->cn_flags &= ~NOEXECCHECK; + return (0); + } + + return (VOP_ACCESS(vp, VEXEC, cnp->cn_cred, cnp->cn_thread)); +} Modified: stable/11/sys/sys/fcntl.h ============================================================================== --- stable/11/sys/sys/fcntl.h Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/sys/fcntl.h Sun Feb 9 22:15:35 2020 (r357706) @@ -117,9 +117,11 @@ typedef __pid_t pid_t; #if __POSIX_VISIBLE >= 200809 #define O_DIRECTORY 0x00020000 /* Fail if not directory */ #define O_EXEC 0x00040000 /* Open for execute only */ +#define O_SEARCH O_EXEC #endif #ifdef _KERNEL #define FEXEC O_EXEC +#define FSEARCH O_SEARCH #endif #if __POSIX_VISIBLE >= 200809 Modified: stable/11/sys/sys/namei.h ============================================================================== --- stable/11/sys/sys/namei.h Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/sys/namei.h Sun Feb 9 22:15:35 2020 (r357706) @@ -153,7 +153,8 @@ struct nameidata { #define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ #define TRAILINGSLASH 0x10000000 /* path ended in a slash */ #define NOCAPCHECK 0x20000000 /* do not perform capability checks */ -#define PARAMASK 0x3ffffe00 /* mask of parameter descriptors */ +#define NOEXECCHECK 0x40000000 /* do not perform exec check on dir */ +#define PARAMASK 0x7ffffe00 /* mask of parameter descriptors */ /* * Flags in ni_lcf, valid for the duration of the namei call. Modified: stable/11/sys/sys/vnode.h ============================================================================== --- stable/11/sys/sys/vnode.h Sun Feb 9 22:05:41 2020 (r357705) +++ stable/11/sys/sys/vnode.h Sun Feb 9 22:15:35 2020 (r357706) @@ -898,6 +898,8 @@ int vn_chmod(struct file *fp, mode_t mode, struct ucre int vn_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred, struct thread *td); +int vn_dir_check_exec(struct vnode *vp, struct componentname *cnp); + #endif /* _KERNEL */ #endif /* !_SYS_VNODE_H_ */ From owner-svn-src-stable-11@freebsd.org Mon Feb 10 17:02:38 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 456B623EA73; Mon, 10 Feb 2020 17:02:38 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48GXJt1Brrz3DlR; Mon, 10 Feb 2020 17:02:38 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1C048224BB; Mon, 10 Feb 2020 17:02:38 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01AH2bI9053781; Mon, 10 Feb 2020 17:02:37 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01AH2bxM053780; Mon, 10 Feb 2020 17:02:37 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <202002101702.01AH2bxM053780@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Mon, 10 Feb 2020 17:02:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357733 - stable/11/release/doc/share/xml X-SVN-Group: stable-11 X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: stable/11/release/doc/share/xml X-SVN-Commit-Revision: 357733 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Feb 2020 17:02:38 -0000 Author: gjb Date: Mon Feb 10 17:02:37 2020 New Revision: 357733 URL: https://svnweb.freebsd.org/changeset/base/357733 Log: Fix a typo. Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: stable/11/release/doc/share/xml/security.xml Modified: stable/11/release/doc/share/xml/security.xml ============================================================================== --- stable/11/release/doc/share/xml/security.xml Mon Feb 10 16:15:34 2020 (r357732) +++ stable/11/release/doc/share/xml/security.xml Mon Feb 10 17:02:37 2020 (r357733) @@ -137,7 +137,7 @@ FreeBSD-SA-20:03.thrmisc 28 January 2020 - Kennel stack data disclosure + Kernel stack data disclosure From owner-svn-src-stable-11@freebsd.org Wed Feb 12 02:04:04 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 370542499A3; Wed, 12 Feb 2020 02:04:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HNH80ZtKz3Cqq; Wed, 12 Feb 2020 02:04:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0E8D519C20; Wed, 12 Feb 2020 02:04:04 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01C243w1054371; Wed, 12 Feb 2020 02:04:03 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01C243gn054369; Wed, 12 Feb 2020 02:04:03 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002120204.01C243gn054369@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Wed, 12 Feb 2020 02:04:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357789 - in stable: 11/etc 11/lib/libutil 12/lib/libutil 12/usr.bin/login X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/etc 11/lib/libutil 12/lib/libutil 12/usr.bin/login X-SVN-Commit-Revision: 357789 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 02:04:04 -0000 Author: kevans Date: Wed Feb 12 02:04:03 2020 New Revision: 357789 URL: https://svnweb.freebsd.org/changeset/base/357789 Log: MFC r357560, r357707: login.conf(5) mail capability r357560: login.conf(5): split MAIL env var out into a "mail" capability This allows it to be easily suppressed in, e.g., the "daemon" class where it will not be properly expanded. This is a part of D21481. Submitted by: Andrew Gierth r357707: login.conf(5): update commented-out standard, too MAIL now has a mail capability, instead, as of r357560. Modified: stable/11/etc/login.conf stable/11/lib/libutil/login.conf.5 stable/11/lib/libutil/login_class.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/lib/libutil/login.conf.5 stable/12/lib/libutil/login_class.c stable/12/usr.bin/login/login.conf Directory Properties: stable/12/ (props changed) Modified: stable/11/etc/login.conf ============================================================================== --- stable/11/etc/login.conf Wed Feb 12 00:58:17 2020 (r357788) +++ stable/11/etc/login.conf Wed Feb 12 02:04:03 2020 (r357789) @@ -26,7 +26,8 @@ default:\ :passwd_format=sha512:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ - :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ + :setenv=BLOCKSIZE=K:\ + :mail=/var/mail/$:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin ~/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ @@ -61,6 +62,7 @@ xuser:\ staff:\ :tc=default: daemon:\ + :mail@:\ :memorylocked=128M:\ :tc=default: news:\ @@ -121,7 +123,8 @@ russian|Russian Users Accounts:\ #standard:\ # :copyright=/etc/COPYRIGHT:\ # :welcome=/etc/motd:\ -# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ +# :setenv=BLOCKSIZE=K:\ +# :mail=/var/mail/$:\ # :path=~/bin /bin /usr/bin /usr/local/bin:\ # :manpath=/usr/share/man /usr/local/man:\ # :nologin=/var/run/nologin:\ Modified: stable/11/lib/libutil/login.conf.5 ============================================================================== --- stable/11/lib/libutil/login.conf.5 Wed Feb 12 00:58:17 2020 (r357788) +++ stable/11/lib/libutil/login.conf.5 Wed Feb 12 02:04:03 2020 (r357789) @@ -19,7 +19,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 8, 2011 +.Dd January 19, 2020 .Dt LOGIN.CONF 5 .Os .Sh NAME @@ -237,6 +237,7 @@ for details. .It "label string Default MAC policy; see" .Xr maclabel 7 . .It "lang string Set $LANG environment variable to the specified value." +.It "mail string Set $MAIL environment variable to the specified value." .It "manpath path Default search path for manpages." .It "nocheckmail bool false Display mail status at login." .It "nologin file If the file exists it will be displayed and" Modified: stable/11/lib/libutil/login_class.c ============================================================================== --- stable/11/lib/libutil/login_class.c Wed Feb 12 00:58:17 2020 (r357788) +++ stable/11/lib/libutil/login_class.c Wed Feb 12 02:04:03 2020 (r357789) @@ -132,6 +132,7 @@ static struct login_vars { }, envars[] = { { "lang", "LANG", NULL, 1}, { "charset", "MM_CHARSET", NULL, 1}, + { "mail", "MAIL", NULL, 1}, { "timezone", "TZ", NULL, 1}, { "term", "TERM", NULL, 0}, { NULL, NULL, NULL, 0} From owner-svn-src-stable-11@freebsd.org Wed Feb 12 02:07:38 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 25F49249AA0; Wed, 12 Feb 2020 02:07:38 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HNMG08Hnz3D94; Wed, 12 Feb 2020 02:07:38 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EFE6519C24; Wed, 12 Feb 2020 02:07:37 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01C27baf054633; Wed, 12 Feb 2020 02:07:37 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01C27bZM054631; Wed, 12 Feb 2020 02:07:37 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002120207.01C27bZM054631@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Wed, 12 Feb 2020 02:07:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357790 - in stable: 11/usr.bin/env 12/usr.bin/env X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/usr.bin/env 12/usr.bin/env X-SVN-Commit-Revision: 357790 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 02:07:38 -0000 Author: kevans Date: Wed Feb 12 02:07:37 2020 New Revision: 357790 URL: https://svnweb.freebsd.org/changeset/base/357790 Log: MFC r354450: Add -0 option to ENV(1) With the -0 option added to ENV(1), some ports will no longer require genv from sysutils/coreutils. Modified: stable/11/usr.bin/env/env.1 stable/11/usr.bin/env/env.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/usr.bin/env/env.1 stable/12/usr.bin/env/env.c Directory Properties: stable/12/ (props changed) Modified: stable/11/usr.bin/env/env.1 ============================================================================== --- stable/11/usr.bin/env/env.1 Wed Feb 12 02:04:03 2020 (r357789) +++ stable/11/usr.bin/env/env.1 Wed Feb 12 02:07:37 2020 (r357790) @@ -31,7 +31,7 @@ .\" From FreeBSD: src/usr.bin/printenv/printenv.1,v 1.17 2002/11/26 17:33:35 ru Exp .\" $FreeBSD$ .\" -.Dd April 17, 2008 +.Dd November 7, 2019 .Dt ENV 1 .Os .Sh NAME @@ -39,7 +39,7 @@ .Nd set environment and execute command, or print environment .Sh SYNOPSIS .Nm -.Op Fl iv +.Op Fl 0iv .Op Fl P Ar altpath .Op Fl S Ar string .Op Fl u Ar name @@ -64,6 +64,8 @@ is executed. .Pp The options are as follows: .Bl -tag -width indent +.It Fl 0 +End each output line with NUL, not newline. .It Fl i Execute the .Ar utility @@ -130,8 +132,15 @@ If no .Ar utility is specified, .Nm -prints out the names and values -of the variables in the environment, with one name/value pair per line. +prints out the names and values of the variables in the environment. +Each name/value pair is separated by a new line unless +.Fl 0 +is specified, in which case name/value pairs are separated by NUL. +Both +.Fl 0 +and +.Ar utility +may not be specified together. .\" .Ss Details of Fl S \&Ss (split-string) processing The processing of the Modified: stable/11/usr.bin/env/env.c ============================================================================== --- stable/11/usr.bin/env/env.c Wed Feb 12 02:04:03 2020 (r357789) +++ stable/11/usr.bin/env/env.c Wed Feb 12 02:07:37 2020 (r357790) @@ -57,22 +57,33 @@ int env_verbosity; static void usage(void); +/* + * Exit codes. + */ +#define EXIT_CANCELED 125 /* Internal error prior to exec attempt. */ +#define EXIT_CANNOT_INVOKE 126 /* Program located, but not usable. */ +#define EXIT_ENOENT 127 /* Could not find program to exec. */ + int main(int argc, char **argv) { - char *altpath, **ep, *p, **parg; + char *altpath, **ep, *p, **parg, term; char *cleanenv[1]; int ch, want_clear; int rtrn; altpath = NULL; want_clear = 0; - while ((ch = getopt(argc, argv, "-iP:S:u:v")) != -1) + term = '\n'; + while ((ch = getopt(argc, argv, "-0iP:S:u:v")) != -1) switch(ch) { case '-': case 'i': want_clear = 1; break; + case '0': + term = '\0'; + break; case 'P': altpath = strdup(optarg); break; @@ -116,6 +127,8 @@ main(int argc, char **argv) err(EXIT_FAILURE, "setenv %s", *argv); } if (*argv) { + if (term == '\0') + errx(EXIT_CANCELED, "cannot specify command with -0"); if (altpath) search_paths(altpath, argv); if (env_verbosity) { @@ -127,10 +140,11 @@ main(int argc, char **argv) sleep(1); } execvp(*argv, argv); - err(errno == ENOENT ? 127 : 126, "%s", *argv); + err(errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE, + "%s", *argv); } for (ep = environ; *ep; ep++) - (void)printf("%s\n", *ep); + (void)printf("%s%c", *ep, term); exit(0); } @@ -138,7 +152,7 @@ static void usage(void) { (void)fprintf(stderr, - "usage: env [-iv] [-P utilpath] [-S string] [-u name]\n" + "usage: env [-0iv] [-P utilpath] [-S string] [-u name]\n" " [name=value ...] [utility [argument ...]]\n"); exit(1); } From owner-svn-src-stable-11@freebsd.org Wed Feb 12 02:09:13 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 68B11249B8F; Wed, 12 Feb 2020 02:09:13 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HNP526pfz3DQR; Wed, 12 Feb 2020 02:09:13 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 43F2A19C26; Wed, 12 Feb 2020 02:09:13 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01C29DvN054778; Wed, 12 Feb 2020 02:09:13 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01C29CVJ054775; Wed, 12 Feb 2020 02:09:12 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002120209.01C29CVJ054775@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Wed, 12 Feb 2020 02:09:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357791 - in stable: 11/usr.bin/env 12/usr.bin/env X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/usr.bin/env 12/usr.bin/env X-SVN-Commit-Revision: 357791 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 02:09:13 -0000 Author: kevans Date: Wed Feb 12 02:09:12 2020 New Revision: 357791 URL: https://svnweb.freebsd.org/changeset/base/357791 Log: MFC r357563: env(1): grow -L user/class and -U user/class options This allows one to set the environment of the specified user either from login.conf alone (-L) or both login.conf and ~/.login_conf if present (-U). This is a supporting feature to allow service(8) to pull in the environment of the "daemon" class before invoking the rc script. Modified: stable/11/usr.bin/env/Makefile stable/11/usr.bin/env/env.1 stable/11/usr.bin/env/env.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/usr.bin/env/Makefile stable/12/usr.bin/env/env.1 stable/12/usr.bin/env/env.c Directory Properties: stable/12/ (props changed) Modified: stable/11/usr.bin/env/Makefile ============================================================================== --- stable/11/usr.bin/env/Makefile Wed Feb 12 02:07:37 2020 (r357790) +++ stable/11/usr.bin/env/Makefile Wed Feb 12 02:09:12 2020 (r357791) @@ -4,4 +4,6 @@ PROG= env SRCS= env.c envopts.c +LIBADD= util + .include Modified: stable/11/usr.bin/env/env.1 ============================================================================== --- stable/11/usr.bin/env/env.1 Wed Feb 12 02:07:37 2020 (r357790) +++ stable/11/usr.bin/env/env.1 Wed Feb 12 02:09:12 2020 (r357791) @@ -31,7 +31,7 @@ .\" From FreeBSD: src/usr.bin/printenv/printenv.1,v 1.17 2002/11/26 17:33:35 ru Exp .\" $FreeBSD$ .\" -.Dd November 7, 2019 +.Dd January 19, 2020 .Dt ENV 1 .Os .Sh NAME @@ -40,6 +40,7 @@ .Sh SYNOPSIS .Nm .Op Fl 0iv +.Op Fl L Ns | Ns Fl U Ar user Ns Op / Ns Ar class .Op Fl P Ar altpath .Op Fl S Ar string .Op Fl u Ar name @@ -76,6 +77,28 @@ The environment inherited by .Nm is ignored completely. +.\" -L | -U +.It Fl L | Fl U Ar user Ns Op / Ns Ar class +Add the environment variable definitions from +.Xr login.conf 5 +for the specified user and login class to the environment, after +processing any +.Fl i +or +.Fl u +options, but before processing any +.Ar name Ns = Ns Ar value +options. +If +.Fl L +is used, only the system-wide +.Pa /etc/login.conf.db +file is read; if +.Fl U +is used, then the specified user's +.Pa ~/.login_conf +is read as well. +The user may be specified by name or by uid. .\" -P .It Fl P Ar altpath Search the set of directories as specified by @@ -450,6 +473,7 @@ option as a synonym for .Xr printenv 1 , .Xr sh 1 , .Xr execvp 3 , +.Xr login.conf 5 , .Xr environ 7 .Sh STANDARDS The @@ -457,7 +481,7 @@ The utility conforms to .St -p1003.1-2001 . The -.Fl P , S , u +.Fl 0 , L , P , S , U , u and .Fl v options are non-standard extensions supported by @@ -474,6 +498,12 @@ and .Fl v options were added in .Fx 6.0 . +The +.Fl 0 , L +and +.Fl U +options were added in +.Fx 13.0 . .Sh BUGS The .Nm Modified: stable/11/usr.bin/env/env.c ============================================================================== --- stable/11/usr.bin/env/env.c Wed Feb 12 02:07:37 2020 (r357790) +++ stable/11/usr.bin/env/env.c Wed Feb 12 02:09:12 2020 (r357791) @@ -42,11 +42,16 @@ static char sccsid[] = "@(#)env.c 8.3 (Berkeley) 4/2/9 #include __FBSDID("$FreeBSD$"); +#include + #include #include +#include +#include +#include #include -#include #include +#include #include #include "envopts.h" @@ -69,13 +74,23 @@ main(int argc, char **argv) { char *altpath, **ep, *p, **parg, term; char *cleanenv[1]; + char *login_class, *login_name; + struct passwd *pw; + login_cap_t *lc; + bool login_as_user; + uid_t uid; int ch, want_clear; int rtrn; altpath = NULL; + login_class = NULL; + login_name = NULL; + pw = NULL; + lc = NULL; + login_as_user = false; want_clear = 0; term = '\n'; - while ((ch = getopt(argc, argv, "-0iP:S:u:v")) != -1) + while ((ch = getopt(argc, argv, "-0iL:P:S:U:u:v")) != -1) switch(ch) { case '-': case 'i': @@ -84,6 +99,12 @@ main(int argc, char **argv) case '0': term = '\0'; break; + case 'U': + login_as_user = true; + /* FALLTHROUGH */ + case 'L': + login_name = optarg; + break; case 'P': altpath = strdup(optarg); break; @@ -117,6 +138,48 @@ main(int argc, char **argv) if (env_verbosity) fprintf(stderr, "#env clearing environ\n"); } + if (login_name != NULL) { + login_class = strchr(login_name, '/'); + if (login_class) + *login_class++ = '\0'; + pw = getpwnam(login_name); + if (pw == NULL) { + char *endp = NULL; + errno = 0; + uid = strtoul(login_name, &endp, 10); + if (errno == 0 && *endp == '\0') + pw = getpwuid(uid); + } + if (pw == NULL) + errx(EXIT_FAILURE, "no such user: %s", login_name); + if (login_class != NULL) { + lc = login_getclass(login_class); + if (lc == NULL) + errx(EXIT_FAILURE, "no such login class: %s", + login_class); + } else { + lc = login_getpwclass(pw); + if (lc == NULL) + errx(EXIT_FAILURE, "login_getpwclass failed"); + } + + /* + * This is not done with setusercontext() because that will + * try and use ~/.login_conf even when we don't want it to. + */ + setclassenvironment(lc, pw, 1); + setclassenvironment(lc, pw, 0); + if (login_as_user) { + login_close(lc); + if ((lc = login_getuserclass(pw)) != NULL) { + setclassenvironment(lc, pw, 1); + setclassenvironment(lc, pw, 0); + } + } + endpwent(); + if (lc != NULL) + login_close(lc); + } for (argv += optind; *argv && (p = strchr(*argv, '=')); ++argv) { if (env_verbosity) fprintf(stderr, "#env setenv:\t%s\n", *argv); @@ -152,7 +215,7 @@ static void usage(void) { (void)fprintf(stderr, - "usage: env [-0iv] [-P utilpath] [-S string] [-u name]\n" + "usage: env [-0iv] [-L|-U user[/class]] [-P utilpath] [-S string] [-u name]\n" " [name=value ...] [utility [argument ...]]\n"); exit(1); } From owner-svn-src-stable-11@freebsd.org Wed Feb 12 02:17:21 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 180E6249E24; Wed, 12 Feb 2020 02:17:21 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HNZS6kqCz3DwM; Wed, 12 Feb 2020 02:17:20 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DDBB219DE7; Wed, 12 Feb 2020 02:17:20 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01C2HKgq061003; Wed, 12 Feb 2020 02:17:20 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01C2HKYw061002; Wed, 12 Feb 2020 02:17:20 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002120217.01C2HKYw061002@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Wed, 12 Feb 2020 02:17:20 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357792 - in stable: 11/sys/geom/eli 12/sys/geom/eli X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/sys/geom/eli 12/sys/geom/eli X-SVN-Commit-Revision: 357792 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 02:17:21 -0000 Author: kevans Date: Wed Feb 12 02:17:20 2020 New Revision: 357792 URL: https://svnweb.freebsd.org/changeset/base/357792 Log: MFC r357665: geli taste: allow GELIBOOT tagged providers as well Currently the installer will tag geliboot partitions with both BOOT and GELIBOOT; the former allows the kernel to taste it at boot, while the latter is what loaders keys off of. However, it seems reasonable to assume that if a provider's been tagged with GELIBOOT that the kernel should also take that as a hint to taste/attach at boot. This would allow us to stop tagging GELIBOOT partitions with BOOT in bsdinstall, but I'm not sure that there's a compelling reason to do so any time soon. Modified: stable/11/sys/geom/eli/g_eli.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/sys/geom/eli/g_eli.c Directory Properties: stable/12/ (props changed) Modified: stable/11/sys/geom/eli/g_eli.c ============================================================================== --- stable/11/sys/geom/eli/g_eli.c Wed Feb 12 02:09:12 2020 (r357791) +++ stable/11/sys/geom/eli/g_eli.c Wed Feb 12 02:17:20 2020 (r357792) @@ -1080,7 +1080,8 @@ g_eli_taste(struct g_class *mp, struct g_provider *pp, if (md.md_provsize != pp->mediasize) return (NULL); /* Should we attach it on boot? */ - if (!(md.md_flags & G_ELI_FLAG_BOOT)) + if (!(md.md_flags & G_ELI_FLAG_BOOT) && + !(md.md_flags & G_ELI_FLAG_GELIBOOT)) return (NULL); if (md.md_keys == 0x00) { G_ELI_DEBUG(0, "No valid keys on %s.", pp->name); From owner-svn-src-stable-11@freebsd.org Wed Feb 12 14:50:14 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4929B239CFB; Wed, 12 Feb 2020 14:50:14 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HjHB1CRBz4TXS; Wed, 12 Feb 2020 14:50:14 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 065F822D00; Wed, 12 Feb 2020 14:50:14 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01CEoDAj012200; Wed, 12 Feb 2020 14:50:13 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01CEoDiW012198; Wed, 12 Feb 2020 14:50:13 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <202002121450.01CEoDiW012198@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 12 Feb 2020 14:50:13 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357822 - stable/11/sys/netpfil/pf X-SVN-Group: stable-11 X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: stable/11/sys/netpfil/pf X-SVN-Commit-Revision: 357822 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 14:50:14 -0000 Author: gjb Date: Wed Feb 12 14:50:13 2020 New Revision: 357822 URL: https://svnweb.freebsd.org/changeset/base/357822 Log: MFC r332404 (kp): pf: limit ioctl to a reasonable and tuneable number of elements pf ioctls frequently take a variable number of elements as argument. This can potentially allow users to request very large allocations. These will fail, but even a failing M_NOWAIT might tie up resources and result in concurrent M_WAITOK allocations entering vm_wait and inducing reclamation of caches. Limit these ioctls to what should be a reasonable value, but allow users to tune it should they need to. Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: stable/11/sys/netpfil/pf/pf.c stable/11/sys/netpfil/pf/pf_ioctl.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/netpfil/pf/pf.c ============================================================================== --- stable/11/sys/netpfil/pf/pf.c Wed Feb 12 14:06:02 2020 (r357821) +++ stable/11/sys/netpfil/pf/pf.c Wed Feb 12 14:50:13 2020 (r357822) @@ -363,11 +363,14 @@ u_long pf_hashmask; u_long pf_srchashmask; static u_long pf_hashsize; static u_long pf_srchashsize; +u_long pf_ioctl_maxcount = 65535; SYSCTL_ULONG(_net_pf, OID_AUTO, states_hashsize, CTLFLAG_RDTUN, &pf_hashsize, 0, "Size of pf(4) states hashtable"); SYSCTL_ULONG(_net_pf, OID_AUTO, source_nodes_hashsize, CTLFLAG_RDTUN, &pf_srchashsize, 0, "Size of pf(4) source nodes hashtable"); +SYSCTL_ULONG(_net_pf, OID_AUTO, request_maxcount, CTLFLAG_RDTUN, + &pf_ioctl_maxcount, 0, "Maximum number of tables, addresses, ... in a single ioctl() call"); VNET_DEFINE(void *, pf_swi_cookie); Modified: stable/11/sys/netpfil/pf/pf_ioctl.c ============================================================================== --- stable/11/sys/netpfil/pf/pf_ioctl.c Wed Feb 12 14:06:02 2020 (r357821) +++ stable/11/sys/netpfil/pf/pf_ioctl.c Wed Feb 12 14:50:13 2020 (r357822) @@ -86,8 +86,6 @@ __FBSDID("$FreeBSD$"); #include #endif -#define PF_TABLES_MAX_REQUEST 65535 /* Maximum tables per request. */ - static struct pf_pool *pf_get_pool(char *, u_int32_t, u_int8_t, u_int32_t, u_int8_t, u_int8_t, u_int8_t); @@ -215,6 +213,8 @@ pfsync_detach_ifnet_t *pfsync_detach_ifnet_ptr; /* pflog */ pflog_packet_t *pflog_packet_ptr = NULL; +extern u_long pf_ioctl_maxcount; + static void pfattach_vnet(void) { @@ -2528,7 +2528,8 @@ DIOCCHANGEADDR_error: break; } - if (io->pfrio_size < 0 || io->pfrio_size > PF_TABLES_MAX_REQUEST) { + if (io->pfrio_size < 0 || io->pfrio_size > pf_ioctl_maxcount || + WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_table))) { error = ENOMEM; break; } @@ -2559,7 +2560,8 @@ DIOCCHANGEADDR_error: break; } - if (io->pfrio_size < 0 || io->pfrio_size > PF_TABLES_MAX_REQUEST) { + if (io->pfrio_size < 0 || io->pfrio_size > pf_ioctl_maxcount || + WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_table))) { error = ENOMEM; break; } @@ -2732,6 +2734,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -2769,6 +2772,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -2810,7 +2814,8 @@ DIOCCHANGEADDR_error: break; } count = max(io->pfrio_size, io->pfrio_size2); - if (WOULD_OVERFLOW(count, sizeof(struct pfr_addr))) { + if (count > pf_ioctl_maxcount || + WOULD_OVERFLOW(count, sizeof(struct pfr_addr))) { error = EINVAL; break; } @@ -2848,6 +2853,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -2879,6 +2885,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_astats))) { error = EINVAL; break; @@ -2910,6 +2917,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -2947,6 +2955,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -2984,6 +2993,7 @@ DIOCCHANGEADDR_error: break; } if (io->pfrio_size < 0 || + io->pfrio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) { error = EINVAL; break; @@ -3036,6 +3046,7 @@ DIOCCHANGEADDR_error: break; } if (io->size < 0 || + io->size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) { error = EINVAL; break; @@ -3112,6 +3123,7 @@ DIOCCHANGEADDR_error: break; } if (io->size < 0 || + io->size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) { error = EINVAL; break; @@ -3189,6 +3201,7 @@ DIOCCHANGEADDR_error: } if (io->size < 0 || + io->size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) { error = EINVAL; break; @@ -3407,6 +3420,7 @@ DIOCCHANGEADDR_error: } if (io->pfiio_size < 0 || + io->pfiio_size > pf_ioctl_maxcount || WOULD_OVERFLOW(io->pfiio_size, sizeof(struct pfi_kif))) { error = EINVAL; break; From owner-svn-src-stable-11@freebsd.org Wed Feb 12 18:48:40 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8BFA3240201; Wed, 12 Feb 2020 18:48:40 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48HpZJ2rNTz3JFF; Wed, 12 Feb 2020 18:48:40 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 584DF25D30; Wed, 12 Feb 2020 18:48:40 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01CImesW057235; Wed, 12 Feb 2020 18:48:40 GMT (envelope-from brooks@FreeBSD.org) Received: (from brooks@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01CIme51057234; Wed, 12 Feb 2020 18:48:40 GMT (envelope-from brooks@FreeBSD.org) Message-Id: <202002121848.01CIme51057234@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brooks set sender to brooks@FreeBSD.org using -f From: Brooks Davis Date: Wed, 12 Feb 2020 18:48:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357837 - stable/11/lib/libc/gen X-SVN-Group: stable-11 X-SVN-Commit-Author: brooks X-SVN-Commit-Paths: stable/11/lib/libc/gen X-SVN-Commit-Revision: 357837 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Feb 2020 18:48:40 -0000 Author: brooks Date: Wed Feb 12 18:48:39 2020 New Revision: 357837 URL: https://svnweb.freebsd.org/changeset/base/357837 Log: MFC r356942: Correct a misleading indent. This dates to before the beginning of our repo and was found by clang 10. Sponsored by: DARPA Modified: stable/11/lib/libc/gen/ualarm.c Directory Properties: stable/11/ (props changed) Modified: stable/11/lib/libc/gen/ualarm.c ============================================================================== --- stable/11/lib/libc/gen/ualarm.c Wed Feb 12 18:40:29 2020 (r357836) +++ stable/11/lib/libc/gen/ualarm.c Wed Feb 12 18:48:39 2020 (r357837) @@ -56,6 +56,5 @@ ualarm(useconds_t usecs, useconds_t reload) if (setitimer(ITIMER_REAL, &new, &old) == 0) return (old.it_value.tv_sec * USPS + old.it_value.tv_usec); - /* else */ - return (-1); + return (-1); } From owner-svn-src-stable-11@freebsd.org Thu Feb 13 03:11:39 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BDAC324B6B6; Thu, 13 Feb 2020 03:11:39 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48J1kg4fh4z4Ng3; Thu, 13 Feb 2020 03:11:39 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9A24041D0; Thu, 13 Feb 2020 03:11:39 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01D3BdtK068162; Thu, 13 Feb 2020 03:11:39 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01D3BdpA068161; Thu, 13 Feb 2020 03:11:39 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002130311.01D3BdpA068161@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Thu, 13 Feb 2020 03:11:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357851 - stable/11/lib/libc/stdio X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: stable/11/lib/libc/stdio X-SVN-Commit-Revision: 357851 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Feb 2020 03:11:39 -0000 Author: kevans Date: Thu Feb 13 03:11:39 2020 New Revision: 357851 URL: https://svnweb.freebsd.org/changeset/base/357851 Log: MFC r327181: fsync(3): correctly document return values In r268924 the behavior of fflush was changed to return success on read only streams. Document this. Modified: stable/11/lib/libc/stdio/fflush.3 Directory Properties: stable/11/ (props changed) Modified: stable/11/lib/libc/stdio/fflush.3 ============================================================================== --- stable/11/lib/libc/stdio/fflush.3 Thu Feb 13 01:42:13 2020 (r357850) +++ stable/11/lib/libc/stdio/fflush.3 Thu Feb 13 03:11:39 2020 (r357851) @@ -32,7 +32,7 @@ .\" @(#)fflush.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd June 4, 1993 +.Dd December 25, 2017 .Dt FFLUSH 3 .Os .Sh NAME @@ -87,9 +87,7 @@ is set to indicate the error. The .Fa stream argument -is not an open stream, or, in the case of -.Fn fflush , -not a stream open for writing. +is not an open stream. .El .Pp The function @@ -97,7 +95,12 @@ The function may also fail and set .Va errno for any of the errors specified for the routine -.Xr write 2 . +.Xr write 2 , +except that in case of +.Fa stream +being a read-only descriptor, +.Fn fflush +returns 0. .Sh SEE ALSO .Xr write 2 , .Xr fclose 3 , From owner-svn-src-stable-11@freebsd.org Thu Feb 13 03:13:32 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 541C724B770; Thu, 13 Feb 2020 03:13:32 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48J1mr1bBzz4Ns0; Thu, 13 Feb 2020 03:13:32 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 31AF04235; Thu, 13 Feb 2020 03:13:32 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01D3DWg3070586; Thu, 13 Feb 2020 03:13:32 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01D3DTYC070573; Thu, 13 Feb 2020 03:13:29 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002130313.01D3DTYC070573@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Thu, 13 Feb 2020 03:13:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357852 - in stable: 11/include 11/lib/libc/stdio 12/include 12/lib/libc/stdio X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/include 11/lib/libc/stdio 12/include 12/lib/libc/stdio X-SVN-Commit-Revision: 357852 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Feb 2020 03:13:32 -0000 Author: kevans Date: Thu Feb 13 03:13:29 2020 New Revision: 357852 URL: https://svnweb.freebsd.org/changeset/base/357852 Log: MFC r357284, r357419: stdio unlocked r357284: stdio: provide _unlocked variants of fflush, fputc, fputs, fread, fwrite fflush_unlocked is currently desired in ports by sysutils/metalog, and redefined as the locked fflush. fputc_unlocked, fputs_unlocked, fread_unlocked, and fwrite_unlocked are currently desired in ports by devel/elfutils, and redefined as the locked fputs, fread, and fwrite respectively. r357419: libc: provide fputc_unlocked Among the same justification as the other stdio _unlocked; in addition to an inline version in , we must provide a function in libc as well for the functionality. This fixes the lang/gcc* builds, which want to use the symbol from libc. Modified: stable/11/include/stdio.h stable/11/lib/libc/stdio/Makefile.inc stable/11/lib/libc/stdio/Symbol.map stable/11/lib/libc/stdio/fflush.3 stable/11/lib/libc/stdio/fflush.c stable/11/lib/libc/stdio/fputc.c stable/11/lib/libc/stdio/fputs.3 stable/11/lib/libc/stdio/fputs.c stable/11/lib/libc/stdio/fread.3 stable/11/lib/libc/stdio/fread.c stable/11/lib/libc/stdio/fwrite.c stable/11/lib/libc/stdio/putc.3 Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/include/stdio.h stable/12/lib/libc/stdio/Makefile.inc stable/12/lib/libc/stdio/Symbol.map stable/12/lib/libc/stdio/fflush.3 stable/12/lib/libc/stdio/fflush.c stable/12/lib/libc/stdio/fputc.c stable/12/lib/libc/stdio/fputs.3 stable/12/lib/libc/stdio/fputs.c stable/12/lib/libc/stdio/fread.3 stable/12/lib/libc/stdio/fread.c stable/12/lib/libc/stdio/fwrite.c stable/12/lib/libc/stdio/putc.3 Directory Properties: stable/12/ (props changed) Modified: stable/11/include/stdio.h ============================================================================== --- stable/11/include/stdio.h Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/include/stdio.h Thu Feb 13 03:13:29 2020 (r357852) @@ -345,7 +345,13 @@ int putchar_unlocked(int); void clearerr_unlocked(FILE *); int feof_unlocked(FILE *); int ferror_unlocked(FILE *); +int fflush_unlocked(FILE *); int fileno_unlocked(FILE *); +int fputc_unlocked(int, FILE *); +int fputs_unlocked(const char * __restrict, FILE * __restrict); +size_t fread_unlocked(void * __restrict, size_t, size_t, FILE * __restrict); +size_t fwrite_unlocked(const void * __restrict, size_t, size_t, + FILE * __restrict); #endif #if __POSIX_VISIBLE >= 200112 @@ -541,10 +547,11 @@ extern int __isthreaded; * See ISO/IEC 9945-1 ANSI/IEEE Std 1003.1 Second Edition 1996-07-12 * B.8.2.7 for the rationale behind the *_unlocked() macros. */ +#define clearerr_unlocked(p) __sclearerr(p) #define feof_unlocked(p) __sfeof(p) #define ferror_unlocked(p) __sferror(p) -#define clearerr_unlocked(p) __sclearerr(p) #define fileno_unlocked(p) __sfileno(p) +#define fputc_unlocked(s, p) __sputc(s, p) #endif #if __POSIX_VISIBLE >= 199506 #define getc_unlocked(fp) __sgetc(fp) Modified: stable/11/lib/libc/stdio/Makefile.inc ============================================================================== --- stable/11/lib/libc/stdio/Makefile.inc Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/Makefile.inc Thu Feb 13 03:13:29 2020 (r357852) @@ -48,13 +48,17 @@ MLINKS+=ferror.3 ferror_unlocked.3 \ ferror.3 clearerr.3 ferror.3 clearerr_unlocked.3 \ ferror.3 feof.3 ferror.3 feof_unlocked.3 \ ferror.3 fileno.3 ferror.3 fileno_unlocked.3 -MLINKS+=fflush.3 fpurge.3 +MLINKS+=fflush.3 fflush_unlocked.3 \ + fflush.3 fpurge.3 MLINKS+=fgets.3 gets.3 MLINKS+=fgets.3 gets_s.3 MLINKS+=flockfile.3 ftrylockfile.3 flockfile.3 funlockfile.3 MLINKS+=fopen.3 fdopen.3 fopen.3 freopen.3 fopen.3 fmemopen.3 -MLINKS+=fputs.3 puts.3 -MLINKS+=fread.3 fwrite.3 +MLINKS+=fputs.3 fputs_unlocked.3 \ + fputs.3 puts.3 +MLINKS+=fread.3 fread_unlocked.3 \ + fread.3 fwrite.3 \ + fread.3 fwrite_unlocked.3 MLINKS+=fseek.3 fgetpos.3 fseek.3 fseeko.3 fseek.3 fsetpos.3 fseek.3 ftell.3 \ fseek.3 ftello.3 fseek.3 rewind.3 MLINKS+=funopen.3 fropen.3 funopen.3 fwopen.3 Modified: stable/11/lib/libc/stdio/Symbol.map ============================================================================== --- stable/11/lib/libc/stdio/Symbol.map Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/Symbol.map Thu Feb 13 03:13:29 2020 (r357852) @@ -171,6 +171,14 @@ FBSD_1.5 { gets_s; }; +FBSD_1.6 { + fflush_unlocked; + fputc_unlocked; + fputs_unlocked; + fread_unlocked; + fwrite_unlocked; +}; + FBSDprivate_1.0 { _flockfile; _flockfile_debug_stub; Modified: stable/11/lib/libc/stdio/fflush.3 ============================================================================== --- stable/11/lib/libc/stdio/fflush.3 Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fflush.3 Thu Feb 13 03:13:29 2020 (r357852) @@ -32,11 +32,12 @@ .\" @(#)fflush.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd December 25, 2017 +.Dd January 23, 2020 .Dt FFLUSH 3 .Os .Sh NAME .Nm fflush , +.Nm fflush_unlocked , .Nm fpurge .Nd flush a stream .Sh LIBRARY @@ -46,6 +47,8 @@ .Ft int .Fn fflush "FILE *stream" .Ft int +.Fn fflush_unlocked "FILE *stream" +.Ft int .Fn fpurge "FILE *stream" .Sh DESCRIPTION The function @@ -63,6 +66,16 @@ argument is flushes .Em all open output streams. +.Pp +The +.Fn fflush_unlocked +function is equivalent to +.Fn fflush , +except that the caller is responsible for locking the stream with +.Xr flockfile 3 +before calling it. +This function may be used to avoid the overhead of locking the stream and to +prevent races when multiple threads are operating on the same stream. .Pp The function .Fn fpurge Modified: stable/11/lib/libc/stdio/fflush.c ============================================================================== --- stable/11/lib/libc/stdio/fflush.c Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fflush.c Thu Feb 13 03:13:29 2020 (r357852) @@ -98,6 +98,8 @@ __fflush(FILE *fp) return (retval); } +__weak_reference(__fflush, fflush_unlocked); + int __sflush(FILE *fp) { Modified: stable/11/lib/libc/stdio/fputc.c ============================================================================== --- stable/11/lib/libc/stdio/fputc.c Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fputc.c Thu Feb 13 03:13:29 2020 (r357852) @@ -42,14 +42,24 @@ __FBSDID("$FreeBSD$"); #include "local.h" #include "libc_private.h" +#undef fputc_unlocked + int +fputc_unlocked(int c, FILE *fp) +{ + + /* Orientation set by __sputc() when buffer is full. */ + /* ORIENT(fp, -1); */ + return (__sputc(c, fp)); +} + +int fputc(int c, FILE *fp) { int retval; + FLOCKFILE_CANCELSAFE(fp); - /* Orientation set by __sputc() when buffer is full. */ - /* ORIENT(fp, -1); */ - retval = __sputc(c, fp); + retval = fputc_unlocked(c, fp); FUNLOCKFILE_CANCELSAFE(); return (retval); } Modified: stable/11/lib/libc/stdio/fputs.3 ============================================================================== --- stable/11/lib/libc/stdio/fputs.3 Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fputs.3 Thu Feb 13 03:13:29 2020 (r357852) @@ -32,11 +32,12 @@ .\" @(#)fputs.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd June 4, 1993 +.Dd January 23, 2020 .Dt FPUTS 3 .Os .Sh NAME .Nm fputs , +.Nm fputs_unlocked , .Nm puts .Nd output a line to a stream .Sh LIBRARY @@ -46,6 +47,8 @@ .Ft int .Fn fputs "const char *str" "FILE *stream" .Ft int +.Fn fputs_unlocked "const char *str" "FILE *stream" +.Ft int .Fn puts "const char *str" .Sh DESCRIPTION The function @@ -57,6 +60,16 @@ to the stream pointed to by .\" The terminating .\" .Dv NUL .\" character is not written. +.Pp +The +.Fn fputs_unlocked +function is equivalent to +.Fn fputs , +except that the caller is responsible for locking the stream with +.Xr flockfile 3 +before calling it. +This function may be used to avoid the overhead of locking the stream and to +prevent races when multiple threads are operating on the same stream. .Pp The function .Fn puts Modified: stable/11/lib/libc/stdio/fputs.c ============================================================================== --- stable/11/lib/libc/stdio/fputs.c Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fputs.c Thu Feb 13 03:13:29 2020 (r357852) @@ -49,7 +49,7 @@ __FBSDID("$FreeBSD$"); * Write the given string to the given file. */ int -fputs(const char * __restrict s, FILE * __restrict fp) +fputs_unlocked(const char * __restrict s, FILE * __restrict fp) { int retval; struct __suio uio; @@ -59,11 +59,20 @@ fputs(const char * __restrict s, FILE * __restrict fp) uio.uio_resid = iov.iov_len = strlen(s); uio.uio_iov = &iov; uio.uio_iovcnt = 1; - FLOCKFILE_CANCELSAFE(fp); ORIENT(fp, -1); retval = __sfvwrite(fp, &uio); - FUNLOCKFILE_CANCELSAFE(); if (retval == 0) return (iov.iov_len > INT_MAX ? INT_MAX : iov.iov_len); + return (retval); +} + +int +fputs(const char * __restrict s, FILE * __restrict fp) +{ + int retval; + + FLOCKFILE_CANCELSAFE(fp); + retval = fputs_unlocked(s, fp); + FUNLOCKFILE_CANCELSAFE(); return (retval); } Modified: stable/11/lib/libc/stdio/fread.3 ============================================================================== --- stable/11/lib/libc/stdio/fread.3 Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fread.3 Thu Feb 13 03:13:29 2020 (r357852) @@ -32,12 +32,14 @@ .\" @(#)fread.3 8.2 (Berkeley) 3/8/94 .\" $FreeBSD$ .\" -.Dd March 8, 1994 +.Dd January 23, 2020 .Dt FREAD 3 .Os .Sh NAME .Nm fread , -.Nm fwrite +.Nm fread_unlocked , +.Nm fwrite , +.Nm fwrite_unlocked .Nd binary stream input/output .Sh LIBRARY .Lb libc @@ -46,7 +48,11 @@ .Ft size_t .Fn fread "void * restrict ptr" "size_t size" "size_t nmemb" "FILE * restrict stream" .Ft size_t +.Fn fread_unlocked "void * restrict ptr" "size_t size" "size_t nmemb" "FILE * restrict stream" +.Ft size_t .Fn fwrite "const void * restrict ptr" "size_t size" "size_t nmemb" "FILE * restrict stream" +.Ft size_t +.Fn fwrite_unlocked "const void * restrict ptr" "size_t size" "size_t nmemb" "FILE * restrict stream" .Sh DESCRIPTION The function .Fn fread @@ -69,6 +75,21 @@ bytes long, to the stream pointed to by .Fa stream , obtaining them from the location given by .Fa ptr . +.Pp +The +.Fn fread_unlocked +and +.Fn fwrite_unlocked +functions are equivalent to +.Fn fread +and +.Fn fwrite +respectively, except that the caller is responsible for locking the stream +with +.Xr flockfile 3 +before calling them. +These functions may be used to avoid the overhead of locking the stream +and to prevent races when multiple threads are operating on the same stream. .Sh RETURN VALUES The functions .Fn fread Modified: stable/11/lib/libc/stdio/fread.c ============================================================================== --- stable/11/lib/libc/stdio/fread.c Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fread.c Thu Feb 13 03:13:29 2020 (r357852) @@ -113,3 +113,5 @@ __fread(void * __restrict buf, size_t size, size_t cou fp->_p += resid; return (count); } + +__weak_reference(__fread, fread_unlocked); Modified: stable/11/lib/libc/stdio/fwrite.c ============================================================================== --- stable/11/lib/libc/stdio/fwrite.c Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/fwrite.c Thu Feb 13 03:13:29 2020 (r357852) @@ -50,7 +50,8 @@ __FBSDID("$FreeBSD$"); * Return the number of whole objects written. */ size_t -fwrite(const void * __restrict buf, size_t size, size_t count, FILE * __restrict fp) +fwrite_unlocked(const void * __restrict buf, size_t size, size_t count, + FILE * __restrict fp) { size_t n; struct __suio uio; @@ -82,7 +83,6 @@ fwrite(const void * __restrict buf, size_t size, size_ uio.uio_iov = &iov; uio.uio_iovcnt = 1; - FLOCKFILE_CANCELSAFE(fp); ORIENT(fp, -1); /* * The usual case is success (__sfvwrite returns 0); @@ -91,6 +91,17 @@ fwrite(const void * __restrict buf, size_t size, size_ */ if (__sfvwrite(fp, &uio) != 0) count = (n - uio.uio_resid) / size; - FUNLOCKFILE_CANCELSAFE(); return (count); +} + +size_t +fwrite(const void * __restrict buf, size_t size, size_t count, + FILE * __restrict fp) +{ + size_t n; + + FLOCKFILE_CANCELSAFE(fp); + n = fwrite_unlocked(buf, size, count, fp); + FUNLOCKFILE_CANCELSAFE(); + return (n); } Modified: stable/11/lib/libc/stdio/putc.3 ============================================================================== --- stable/11/lib/libc/stdio/putc.3 Thu Feb 13 03:11:39 2020 (r357851) +++ stable/11/lib/libc/stdio/putc.3 Thu Feb 13 03:13:29 2020 (r357852) @@ -32,11 +32,12 @@ .\" @(#)putc.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd January 10, 2003 +.Dd January 23, 2020 .Dt PUTC 3 .Os .Sh NAME .Nm fputc , +.Nm fputc_unlocked , .Nm putc , .Nm putc_unlocked , .Nm putchar , @@ -50,6 +51,8 @@ .Ft int .Fn fputc "int c" "FILE *stream" .Ft int +.Fn fputc_unlocked "int c" "FILE *stream" +.Ft int .Fn putc "int c" "FILE *stream" .Ft int .Fn putc_unlocked "int c" "FILE *stream" @@ -97,11 +100,13 @@ to the named output .Fa stream . .Pp The -.Fn putc_unlocked +.Fn fputc_unlocked , +.Fn putc_unlocked , and .Fn putchar_unlocked functions are equivalent to -.Fn putc +.Fn fputc , +.Fn putc , and .Fn putchar respectively, From owner-svn-src-stable-11@freebsd.org Fri Feb 14 02:27:01 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9B6AB23D794; Fri, 14 Feb 2020 02:27:01 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48Jchj3cCgz3QmT; Fri, 14 Feb 2020 02:27:01 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 771971C9AA; Fri, 14 Feb 2020 02:27:01 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01E2R10T010855; Fri, 14 Feb 2020 02:27:01 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01E2R1ai010854; Fri, 14 Feb 2020 02:27:01 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <202002140227.01E2R1ai010854@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Fri, 14 Feb 2020 02:27:01 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357900 - in stable: 11/etc/periodic/daily 12/usr.sbin/periodic/etc/daily X-SVN-Group: stable-11 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in stable: 11/etc/periodic/daily 12/usr.sbin/periodic/etc/daily X-SVN-Commit-Revision: 357900 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Feb 2020 02:27:01 -0000 Author: kevans Date: Fri Feb 14 02:27:01 2020 New Revision: 357900 URL: https://svnweb.freebsd.org/changeset/base/357900 Log: MFC r357756: backup-passwd: mask out all passwords in the diff The previous expression borked if a username had a plus or hyphen in it. This is needlessly restrictive- at leSt a hyphen in the middle is valid. Instead of playing this game, let's just assume the username can't contain a colon and mask out the second field. Modified: stable/11/etc/periodic/daily/200.backup-passwd Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/usr.sbin/periodic/etc/daily/200.backup-passwd Directory Properties: stable/12/ (props changed) Modified: stable/11/etc/periodic/daily/200.backup-passwd ============================================================================== --- stable/11/etc/periodic/daily/200.backup-passwd Fri Feb 14 02:22:08 2020 (r357899) +++ stable/11/etc/periodic/daily/200.backup-passwd Fri Feb 14 02:27:01 2020 (r357900) @@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in [ $rc -lt 1 ] && rc=1 echo "$host passwd diffs:" diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\ - sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/' + sed 's/^\([-+ ][^:]*\):[^:]*:/\1:(password):/' mv $bak/master.passwd.bak $bak/master.passwd.bak2 cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3 fi From owner-svn-src-stable-11@freebsd.org Fri Feb 14 13:22:38 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A9778234A3E; Fri, 14 Feb 2020 13:22:38 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48JvFB3zgbz4b89; Fri, 14 Feb 2020 13:22:38 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 83E792435C; Fri, 14 Feb 2020 13:22:38 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01EDMcIt007206; Fri, 14 Feb 2020 13:22:38 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01EDMcnE007205; Fri, 14 Feb 2020 13:22:38 GMT (envelope-from kib@FreeBSD.org) Message-Id: <202002141322.01EDMcnE007205@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Fri, 14 Feb 2020 13:22:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357915 - stable/11/sys/compat/linux X-SVN-Group: stable-11 X-SVN-Commit-Author: kib X-SVN-Commit-Paths: stable/11/sys/compat/linux X-SVN-Commit-Revision: 357915 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Feb 2020 13:22:38 -0000 Author: kib Date: Fri Feb 14 13:22:38 2020 New Revision: 357915 URL: https://svnweb.freebsd.org/changeset/base/357915 Log: MFC r357668: linux futex_put(): do not touch futex after dropping our reference. Modified: stable/11/sys/compat/linux/linux_futex.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/compat/linux/linux_futex.c ============================================================================== --- stable/11/sys/compat/linux/linux_futex.c Fri Feb 14 13:14:19 2020 (r357914) +++ stable/11/sys/compat/linux/linux_futex.c Fri Feb 14 13:22:38 2020 (r357915) @@ -338,9 +338,9 @@ futex_put(struct futex *f, struct waiting_proc *wp) f->f_key.shared); LINUX_CTR3(sys_futex, "futex_put uaddr %p ref %d shared %d", f->f_uaddr, f->f_refcount, f->f_key.shared); - FUTEXES_UNLOCK; if (FUTEX_LOCKED(f)) futex_unlock(f); + FUTEXES_UNLOCK; LIN_SDT_PROBE0(futex, futex_put, return); } From owner-svn-src-stable-11@freebsd.org Sat Feb 15 12:05:12 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B3C62239164; Sat, 15 Feb 2020 12:05:12 +0000 (UTC) (envelope-from vmaffione@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48KTTN4NFFz4B4Z; Sat, 15 Feb 2020 12:05:12 +0000 (UTC) (envelope-from vmaffione@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 90FCFC89C; Sat, 15 Feb 2020 12:05:12 +0000 (UTC) (envelope-from vmaffione@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 01FC5CaT028911; Sat, 15 Feb 2020 12:05:12 GMT (envelope-from vmaffione@FreeBSD.org) Received: (from vmaffione@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 01FC5C9H028908; Sat, 15 Feb 2020 12:05:12 GMT (envelope-from vmaffione@FreeBSD.org) Message-Id: <202002151205.01FC5C9H028908@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: vmaffione set sender to vmaffione@FreeBSD.org using -f From: Vincenzo Maffione Date: Sat, 15 Feb 2020 12:05:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357961 - in stable/11: share/man/man4 sys/dev/netmap X-SVN-Group: stable-11 X-SVN-Commit-Author: vmaffione X-SVN-Commit-Paths: in stable/11: share/man/man4 sys/dev/netmap X-SVN-Commit-Revision: 357961 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Feb 2020 12:05:12 -0000 Author: vmaffione Date: Sat Feb 15 12:05:11 2020 New Revision: 357961 URL: https://svnweb.freebsd.org/changeset/base/357961 Log: MFC r357663 netmap: improve netmap(4) and vale(4) man pages Clean up obsolete sysctl descriptions and add missing ones. PR: 243838 Reviewed by: bcr Differential Revision: https://reviews.freebsd.org/D23546 Modified: stable/11/share/man/man4/netmap.4 stable/11/share/man/man4/vale.4 stable/11/sys/dev/netmap/netmap_kern.h Directory Properties: stable/11/ (props changed) Modified: stable/11/share/man/man4/netmap.4 ============================================================================== --- stable/11/share/man/man4/netmap.4 Sat Feb 15 11:42:13 2020 (r357960) +++ stable/11/share/man/man4/netmap.4 Sat Feb 15 12:05:11 2020 (r357961) @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 20, 2018 +.Dd February 6, 2020 .Dt NETMAP 4 .Os .Sh NAME @@ -694,7 +694,7 @@ or are called with a write event (POLLOUT/wfdset) or a full ring. .Pp When registering a virtual interface that is dynamically created to a -.Xr vale 4 +.Nm VALE switch, we can specify the desired number of rings (1 by default, and currently up to 16) on it using nr_tx_rings and nr_rx_rings fields. .It Dv NIOCTXSYNC @@ -861,8 +861,10 @@ The sysctl variable .Va dev.netmap.admode globally controls how netmap mode is implemented. .Sh SYSCTL VARIABLES AND MODULE PARAMETERS -Some aspect of the operation of +Some aspects of the operation of .Nm +and +.Nm VALE are controlled through sysctl variables on .Fx .Em ( dev.netmap.* ) @@ -883,15 +885,14 @@ Number of rings used for emulated netmap mode Ring size used for emulated netmap mode .It Va dev.netmap.generic_mit: 100000 Controls interrupt moderation for emulated mode -.It Va dev.netmap.mmap_unreg: 0 .It Va dev.netmap.fwd: 0 Forces NS_FORWARD mode -.It Va dev.netmap.flags: 0 .It Va dev.netmap.txsync_retry: 2 +Number of txsync loops in the +.Nm VALE +flush function .It Va dev.netmap.no_pendintr: 1 Forces recovery of transmit buffers on system calls -.It Va dev.netmap.mitigate: 1 -Propagates interrupt mitigation to user processes .It Va dev.netmap.no_timestamp: 0 Disables the update of the timestamp in the netmap ring .It Va dev.netmap.verbose: 0 @@ -914,6 +915,18 @@ as it impacts the total amount of memory used by netma .It Va dev.netmap.if_curr_num: 0 .It Va dev.netmap.if_curr_size: 0 Actual values in use. +.It Va dev.netmap.priv_buf_num: 4098 +.It Va dev.netmap.priv_buf_size: 2048 +.It Va dev.netmap.priv_ring_num: 4 +.It Va dev.netmap.priv_ring_size: 20480 +.It Va dev.netmap.priv_if_num: 2 +.It Va dev.netmap.priv_if_size: 1024 +Sizes and number of objects (netmap_if, netmap_ring, buffers) +for private memory regions. +A separate memory region is used for each +.Nm VALE +port and each pair of +.Nm netmap pipes . .It Va dev.netmap.bridge_batch: 1024 Batch size used when moving packets across a .Nm VALE Modified: stable/11/share/man/man4/vale.4 ============================================================================== --- stable/11/share/man/man4/vale.4 Sat Feb 15 11:42:13 2020 (r357960) +++ stable/11/share/man/man4/vale.4 Sat Feb 15 12:05:11 2020 (r357961) @@ -28,7 +28,7 @@ .\" $FreeBSD$ .\" $Id: $ .\" -.Dd Jan 9, 2019 +.Dd February 6, 2020 .Dt VALE 4 .Os .Sh NAME @@ -77,21 +77,13 @@ See for details on the API. .Ss LIMITS .Nm -currently supports up to 4 switches, 16 ports per switch, with -1024 buffers per port. -These hard limits will be -changed to sysctl variables in future releases. +currently supports up to 8 switches, with 254 ports per switch. .Sh SYSCTL VARIABLES +See +.Xr netmap 4 +for a list of sysctl variables that affect .Nm -uses the following sysctl variables to control operation: -.Bl -tag -width dev.netmap.verbose -.It dev.netmap.bridge_batch -The maximum number of packets processed internally -in each iteration. -Defaults to 1024, use lower values to trade latency -with throughput. -.It dev.netmap.verbose -Set to non-zero values to enable in-kernel diagnostics. +bridges. .El .Sh EXAMPLES Create one switch, with a traffic generator connected to one Modified: stable/11/sys/dev/netmap/netmap_kern.h ============================================================================== --- stable/11/sys/dev/netmap/netmap_kern.h Sat Feb 15 11:42:13 2020 (r357960) +++ stable/11/sys/dev/netmap/netmap_kern.h Sat Feb 15 12:05:11 2020 (r357961) @@ -1611,7 +1611,6 @@ enum { /* debug flags }; extern int netmap_txsync_retry; -extern int netmap_flags; extern int netmap_generic_hwcsum; extern int netmap_generic_mit; extern int netmap_generic_ringsize;